technical architecture
Table of Contents

OASP4NET Guide

Introduction

Welcome to OASP4Net framework user guide. In this documment you will find the information reagarding how to start and deploy your project using the guidelines proposed in our solution.

All the guidelines shown and used in this document are a set of rules and conventions proposed and supported by Microsoft and the industry.

The package

Devon4Net package solution contains:

File / Folder Content

Documentation

User documentation in HTML format

Samples

Different samples implemented in .NET and .NET Core. Also includes My Thai Star Devon flagship restaurant

Template

Main .net and .NET Core templates to start developing from scratch

License

License agreement

README.md

Github main page

Application templates

The application templates given in the bundle are ready to use.

At the moment .NET Core and .NET templates ar supported. Each template is ready to be used as a simple console application or being deployed in a web server like IIS.

Samples

My Thai Star

You can find My Thai Star .NET port application at Github.

GMailAPIConsumer

The GMailAPIConsumer sample contains both implementations (.NET and :ET Core) of a microservice able to connect to Google API services in order to send emails. The Microservice uses the My Thai Star email address to show how to comunicate with Google API.

Multiplatform

The main purppose of this sample is how to deploy the .NET Core template to different platforms. The sample shows how to build a micro webserver able to be deployed to Linux and iOS.

The main purppose of this sample is how to deploy the .NET Core template to different platforms. The sample shows how to build a micro webserver able to be deployed to Linux and iOS.

Please take a look to the .csproj file in order to see how it works. The next lines in the .csproj show how achieve this:

<PropertyGroup>
  <TargetFramework>netcoreapp2.0</TargetFramework>
  <RuntimeIdentifiers>win10-x64;osx.10.11-x64;ubuntu.14.04-x64</RuntimeIdentifiers>
</PropertyGroup>

Cookbook

Data management

To use EF Core, install the package for the database provider(s) you want to target. This walkthrough uses SQL Server.

For a list of available providers see Database Providers

  • Go to Tools > NuGet Package Manager > Package Manager Console

  • Run Install-Package Microsoft.EntityFrameworkCore.SqlServer

We will be using some Entity Framework Tools to create a model from the database. So we will install the tools package as well:

  • Run Install-Package Microsoft.EntityFrameworkCore.Tools

We will be using some ASP.NET Core Scaffolding tools to create controllers and views later on. So we will install this design package as well:

  • Run Install-Package Microsoft.VisualStudio.Web.CodeGeneration.Design

EF Code first

In order to design your database model from scratch, we encourage to follow the Microsoft guidelines described here.

EF Database first

  • Go to Tools > NuGet Package Manager > Package Manager Console

  • Run the following command to create a model from the existing database:

Scaffold-DbContext "Your connection string to existing database" Microsoft.EntityFrameworkCore.SqlServer -OutputDir Models

The command will create the database context and the mapped entities as well inside of Models folder.

Register your context with dependency injection

Services are registered with dependency injection during application startup.

In order to register your database context (or multiple database context as well) you can add the following line at ConfigureDbService method at startup.cs:

services.AddDbContext<YourModelContext>(
                options => options.UseSqlServer(Configuration.GetConnectionString("Connection name at appsettings.json")));
You should put your Model and Entities in the template’s OASP4Net.Domain.Entities project.

Repositories and Services

Services and Repositories are an important part of OASP4NET proposal. To make them worl properly, first of all must be declared and injected at Startup.cs at DI Region.

Services are declared in OASP4Net.Business.Common and injected in Controller classes when needed. Use services to build your application logic.

technical architecture
Figure 1. Scrennshot of OASP4Net.Business.Common project in depth

For example, My Thai Star Booking controller contructor looks like this:

        public BookingController(IBookingService bookingService, IMapper mapper)
        {
            BookingService = bookingService;
            Mapper = mapper;

        }

Currently OASP4NET has a Unit of Work class in order to perform CRUD operations to database making use of your designed model context.

Repositories are declared at OASP4Net.Domain.UnitOfWork project and make use of Unit of Work class.

The common methods to perform CRUD operations (where <T> is an entity from your model) are:

  • Sync methods:

IList<T> GetAll(Expression<Func<T, bool>> predicate = null);
T Get(Expression<Func<T, bool>> predicate = null);
IList<T> GetAllInclude(IList<string> include, Expression<Func<T, bool>> predicate = null);
T Create(T entity);
void Delete(T entity);
void DeleteById(object id);
void Delete(Expression<Func<T, bool>> where);
void Edit(T entity);
  • Async methods:

Task<IList<T>> GetAllAsync(Expression<Func<T, bool>> predicate = null);
Task<T> GetAsync(Expression<Func<T, bool>> predicate = null);
Task<IList<T>> GetAllIncludeAsync(IList<string> include, Expression<Func<T, bool>> predicate = null);

If you perform a Commit operation and an error happens, changes will be rolled back.

Swagger integration

The given templates allow you to specify the API contract through Swagger integration and the controller classes are the responsable of exposing methods making use of comments in the source code.

The next example shows how to comment the method with summaries in order to define the contract. Add (Triple Slash) XML Documentation To Swagger:

/// <summary>
/// Method to get reservations
/// </summary>
/// <response code="201">Ok.</response>
/// <response code="400">Bad request. Parser data error.</response>
/// <response code="401">Unathorized. Autentication fail</response>
/// <response code="403">Forbidden. Authorization error.</response>
/// <response code="500">Internal Server Error. The search process ended with error.</response>
[HttpPost]
[Route("/mythaistar/services/rest/bookingmanagement/v1/booking/search")]
//[Authorize(Policy = "MTSWaiterPolicy")]
[AllowAnonymous]
[EnableCors("CorsPolicy")]
public async Task<IActionResult> BookingSearch([FromBody]BookingSearchDto bookingSearchDto)
{

In order to be efective and make use of the comments to build the API contract, the project which contains the controller classes must generate the XML document file. To achieve this, the XML documentation file must be checked in project settings tab:

technical architecture
Figure 2. Project settings tab

We propose to generate the file under the XmlDocumentation folder. For example in OASP4Net.Domain.Entities project in My Thai Star .NET implementation the ootput folder is:

XmlDocumentation\OASP4Net.Business.Common.xml

The file OASP4Net.Business.Common.xml won’t appear until you build the project. Once the file is generated, please modify its properties as a resource and set it to be Copy always .

technical architecture
Figure 3. Swagger XML document file properties

Once you have this, the swagger user interface will show the method properties defined in your controller comments.

Making use of this technique controller are not encapsulated to the application project. Also, you can develop your controller classes in different projects obtain code reusability.

Swagger comment:

Comment Functionality

<summary>

Will map to the operation’s summary

<remarks>

Will map to the operation’s description (shown as "Implementation Notes" in the UI)

<response code="###">

Specifies the different response of the target method

<param>

Will define the parameter(s) of the target method

Please check Microsoft’s site regarding to summary notations.

Logging module

An important part of life software is the need of using log and traces. OASP4NET has a log module preconfigured to achieve this important point.

By default Microsoft provides a loging module on .NET Core applications. This module is open and can it can be extended. OASP4NET uses the serilog implementation. This implememntation provides a huge quantity information about events and traces.

Log file

OASP4NET can write the log information to a simple text file. You can configure the file name and folder at appsettings.json file (LogFile attribute) at OASP4Net.Application.WebApi project.

Database log

OASP4NET can write the log information to a SQLite database. You can configure the file name and folder at appsettings.json file (LogDatabase attribute) at OASP4Net.Application.WebApi project.

With this method you can launch queries in order to search the information you are looking for.

Seq log

OASP4NET can write the log information to a serilog server. You can configure the serilog URL at appsettings.json file (SeqLogServerUrl attribute) at OASP4Net.Application.WebApi project.

With this method you can make querys via HTTP.

serilog seq.png

By default you can find the log information at Logs folder.

JWT module

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties allowing you to decode, verify and generate JWT.

You should use JWT for:

  • Authentication : allowing the user to access routes, services, and resources that are permitted with that token.

  • Information Exchange: JSON Web Tokens are a good way of securely transmitting information between parties. Additionally, as the signature is calculated using the header and the payload, you can also verify that the content.

The JWT module is configured at Startup.cs inside OASP4Net.Application.WebApi project from .NET Core template. In this class you can configure the different authentication policy and JWT properties.

Once the user has been authenticated, the client perform the call to the backend with the attribute Bearer plus the token generated at server side.

jwt.png

On My Thai Star sample there are two predefined users: user0 and Waiter. Once they log in the application, the client (Angular/Xamarin) will manage the server call with the json web token. With this method we can manage the server authetication and athorization.

You can find more information about JWT at jwt.io

AOP module

AOP (Aspect Oriented Programming) tracks al information when a method is call. AOP also tracks the input and output data when a method is call.

By default OASP4NET has AOP module precunfigured and activated for controllers at Startup.cs file at OASP4Net.Application.WebApi:

options.Filters.Add(new Infrastructure.AOP.AopControllerAttribute(Log.Logger));

options.Filters.Add(new Infrastructure.AOP.AopExceptionFilter(Log.Logger));

This configuration allows all Controller clases to be tracked. If you don’t need to track the info comment the lines written before.

Docker support

OASP4NET Core projects are ready to be integrated with docker.

My Thai Star application sample is ready to be use with linux docker containers. The Readme file explains how to launch and setup the sample application.

  • angular : Angular client to support backend. Just binaries.

  • database : Database scripts and .bak file

  • mailservice: Microservice implementation to send notifications.

  • netcore: Server side using .net core 2.0.x.

  • xamarin: Xamarin client based on Excalibur framework from The Netherlands using XForms.

Docker configuration and docker-compose files are provided.

Testing with XUnit

xUnit.net is a free, open source, community-focused unit testing tool for the .NET Framework. Written by the original inventor of NUnit v2, xUnit.net is the latest technology for unit testing C#, F#, VB.NET and other .NET languages. xUnit.net works with ReSharper, CodeRush, TestDriven.NET and Xamarin. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).

— About xUnit.net
https://xunit.github.io/#documentation

Facts are tests which are always true. They test invariant conditions.

Theories are tests which are only true for a particular set of data.

The first test

using Xunit;

namespace MyFirstUnitTests
{
    public class Class1
    {
        [Fact]
        public void PassingTest()
        {
            Assert.Equal(4, Add(2, 2));
        }

        [Fact]
        public void FailingTest()
        {
            Assert.Equal(5, Add(2, 2));
        }

        int Add(int x, int y)
        {
            return x + y;
        }
    }
}

The first test with theory

Theory attribute is used to create tests with input params:

[Theory]
[InlineData(3)]
[InlineData(5)]
[InlineData(6)]
public void MyFirstTheory(int value)
{
    Assert.True(IsOdd(value));
}

bool IsOdd(int value)
{
    return value % 2 == 1;
}

Cheat Sheet

Operation Example

Test

[Fact]

public void Test() { }

Setup

public class TestFixture { public TestFixture() {

…​

}

}

Teardown

public class TestFixture : IDisposable

{

public void Dispose() {

…​ }

}

Console runner return codes

Code Meaning

0

The tests ran successfully.

1

One or more of the tests failed.

2

The help page was shown, either because it was requested, or because the user did not provide any command line arguments.

3

There was a problem with one of the command line options passed to the runner.

4

There was a problem loading one or more of the test assemblies (for example, if a 64-bit only assembly is run with the 32-bit test runner).

Publishing

Nginx

In order to deploy your application to a Nginx server on Linux platform you can follow the instructions from Microsoft here.

IIS

In this point is shown the configuration options that must implement the .Net Core application.

Supported operating systems:

  • Windows 7 and newer

  • Windows Server 2008 R2 and newer*

WebListener server will not work in a reverse-proxy configuration with IIS. You must use the Kestrel server.

IIS configuration

Enable the Web Server (IIS) role and establish role services.

Windows desktop operating systems

Navigate to Control Panel > Programs > Programs and Features > Turn Windows features on or off (left side of the screen). Open the group for Internet Information Services and Web Management Tools. Check the box for IIS Management Console. Check the box for World Wide Web Services. Accept the default features for World Wide Web Services or customize the IIS features to suit your needs.

iis 1.png

*Conceptually, the IIS configuration described in this document also applies to hosting ASP.NET Core applications on Nano Server IIS, but refer to ASP.NET Core with IIS on Nano Server for specific instructions.

Windows Server operating systems For server operating systems, use the Add Roles and Features wizard via the Manage menu or the link in Server Manager. On the Server Roles step, check the box for Web Server (IIS).

iis 2.png

On the Role services step, select the IIS role services you desire or accept the default role services provided.

iis 3.png

Proceed through the Confirmation step to install the web server role and services. A server/IIS restart is not required after installing the Web Server (IIS) role.

Install the .NET Core Windows Server Hosting bundle

  1. Install the .NET Core Windows Server Hosting bundle on the hosting system. The bundle will install the .NET Core Runtime, .NET Core Library, and the ASP.NET Core Module. The module creates the reverse-proxy between IIS and the Kestrel server. Note: If the system doesn’t have an Internet connection, obtain and install the Microsoft Visual C++ 2015 Redistributable before installing the .NET Core Windows Server Hosting bundle.

  2. Restart the system or execute net stop was /y followed by net start w3svc from a command prompt to pick up a change to the system PATH.

If you use an IIS Shared Configuration, see ASP.NET Core Module with IIS Shared Configuration.

To configure IISIntegration service options, include a service configuration for IISOptions in ConfigureServices:

services.Configure<IISOptions>(options =>
{
    ...
});
Option Default Setting

AutomaticAuthentication

true

If true, the authentication middleware sets the HttpContext.User and responds to generic challenges. If false, the authentication middleware only provides an identity (HttpContext.User) and responds to challenges when explicitly requested by the AuthenticationScheme. Windows Authentication must be enabled in IIS for AutomaticAuthentication to function.

AuthenticationDisplayName

null

Sets the display name shown to users on login pages.

ForwardClientCertificate

true

If true and the MS-ASPNETCORE-CLIENTCERT request header is present, the HttpContext.Connection.ClientCertificate is populated.

web.config

The web.config file configures the ASP.NET Core Module and provides other IIS configuration. Creating, transforming, and publishing web.config is handled by Microsoft.NET.Sdk.Web, which is included when you set your project’s SDK at the top of your .csproj file, <Project Sdk="Microsoft.NET.Sdk.Web">. To prevent the MSBuild target from transforming your web.config file, add the <IsTransformWebConfigDisabled> property to your project file with a setting of true:

<PropertyGroup>
  <IsTransformWebConfigDisabled>true</IsTransformWebConfigDisabled>
</PropertyGroup>

Azure

In order to deploy your application to Azure platform you can follow the instructions from Microsoft:

Set up the development environment

Create a web app

In the Visual Studio Start Page, select File > New > Project…​

File menu

Complete the New Project dialog:

  • In the left pane, select .NET Core.

  • In the center pane, select ASP.NET Core Web Application.

  • Select OK.

New Project dialog

In the New ASP.NET Core Web Application dialog:

  • Select Web Application.

  • Select Change Authentication.

New Project dialog

The Change Authentication dialog appears.

  • Select Individual User Accounts.

  • Select OK to return to the New ASP.NET Core Web Application, then select OK again.

New ASP.NET Core Web authentication dialog

Visual Studio creates the solution.

Run the app locally

  • Choose Debug then Start Without Debugging to run the app locally.

  • Click the About and Contact links to verify the web application works.

Web application open in Microsoft Edge on localhost
  • Select Register and register a new user. You can use a fictitious email address. When you submit, the page displays the following error:

"Internal Server Error: A database operation failed while processing the request. SQL exception: Cannot open the database. Applying existing migrations for Application DB context may resolve this issue."

  • Select Apply Migrations and, once the page updates, refresh the page.

Internal Server Error: A database operation failed while processing the request. SQL exception: Cannot open the database. Applying existing migrations for Application DB context may resolve this issue.

The app displays the email used to register the new user and a Log out link.

Web application open in Microsoft Edge. The Register link is replaced by the text Hello email@domain.com!

Deploy the app to Azure

Close the web page, return to Visual Studio, and select Stop Debugging from the Debug menu.

Right-click on the project in Solution Explorer and select Publish…​.

Contextual menu open with Publish link highlighted

In the Publish dialog, select Microsoft Azure App Service and click Publish.

Publish dialog
  • Name the app a unique name.

  • Select a subscription.

  • Select New…​ for the resource group and enter a name for the new resource group.

  • Select New…​ for the app service plan and select a location near you. You can keep the name that is generated by default.

App Service dialog
  • Select the Services tab to create a new database.

  • Select the green + icon to create a new SQL Database

New SQL Database
  • Select New…​ on the Configure SQL Database dialog to create a new database.

New SQL Database and server

The Configure SQL Server dialog appears.

  • Enter an administrator user name and password, and then select OK. Don’t forget the user name and password you create in this step. You can keep the default Server Name.

  • Enter names for the database and connection string.

Note

"admin" is not allowed as the administrator user name.

Configure SQL Server dialog
  • Select OK.

Visual Studio returns to the Create App Service dialog.

  • Select Create on the Create App Service dialog.

Configure SQL Database dialog
  • Click the Settings link in the Publish dialog.

Publish dialog: Connection panel

On the Settings page of the Publish dialog:

  • Expand Databases and check Use this connection string at runtime.

  • Expand Entity Framework Migrations and check Apply this migration on publish.

  • Select Save. Visual Studio returns to the Publish dialog.

Publish dialog: Settings panel

Click Publish. Visual Studio will publish your app to Azure and launch the cloud app in your browser.

Test your app in Azure

  • Test the About and Contact links

  • Register a new user

Web application opened in Microsoft Edge on Azure App Service

Update the app

  • Edit the Pages/About.cshtml Razor page and change its contents. For example, you can modify the paragraph to say "Hello ASP.NET Core!":

    html<button class="action copy" data-bi-name="copy">Copy</button>
@page
@model AboutModel
@{
    ViewData["Title"] = "About";
}
<h2>@ViewData["Title"]</h2>
<h3>@Model.Message</h3>

    <p>Hello ASP.NET Core!</p>
  • Right-click on the project and select Publish…​ again.

Contextual menu open with Publish link highlighted
  • After the app is published, verify the changes you made are available on Azure.

Verify task is complete

Clean up

When you have finished testing the app, go to the Azure portal and delete the app.

  • Select Resource groups, then select the resource group you created.

Azure Portal: Resource Groups in sidebar menu
  • In the Resource groups page, select Delete.

Azure Portal: Resource Groups page
  • Enter the name of the resource group and select Delete. Your app and all other resources created in this tutorial are now deleted from Azure.